Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/91f3c502-b2df-42d7-b72f-74c1ceaacdb9.roa
File:                     91f3c502-b2df-42d7-b72f-74c1ceaacdb9.roa (raw, json)
Hash identifier:          xDqA30XzfXuIjewjLVuJEVXo41lI7VM1BkHxSgkjvjg=
Subject key identifier:   18:F2:20:6A:8E:FD:6E:1D:9D:76:75:35:6A:1F:C4:72:D4:FF:AD:62
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       1498063B4B373F416436C07F85E7F33CFC42F2DD
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/91f3c502-b2df-42d7-b72f-74c1ceaacdb9.roa
Signing time:             Fri 26 Sep 2025 00:56:21 +0000
ROA not before:           Fri 26 Sep 2025 00:56:21 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        3.174.148.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sun 19 Oct 2025 00:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:98:06:3b:4b:37:3f:41:64:36:c0:7f:85:e7:f3:3c:fc:42:f2:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Sep 26 00:56:21 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=06593e2ab1a8736f4e249fcc56c9a907d21e58df087a15bf233c3d02a1fdf208, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:71:89:ae:e6:0a:75:cc:23:f1:cb:7a:01:ee:
                    b8:07:64:f2:d0:68:52:4e:01:af:9d:f6:a6:37:7d:
                    11:78:75:b3:48:d2:dd:93:bd:ed:2d:79:b1:d9:c6:
                    8d:2d:db:87:be:3e:52:36:7d:c8:c0:fd:0a:ba:7f:
                    70:7a:c3:1e:88:75:c8:9a:99:c4:e3:bd:75:e7:48:
                    50:98:d8:65:f8:22:16:9c:bc:32:92:53:a2:2e:7d:
                    ca:06:b4:ab:2b:5a:65:95:35:cf:fc:d6:c3:92:c9:
                    8e:c2:44:9d:43:60:5e:45:a3:d8:f8:c7:1f:3c:1e:
                    81:91:28:71:af:7a:a4:b6:1e:ea:23:ed:32:fe:95:
                    e8:36:2e:ca:c4:49:c8:c4:ed:a1:32:1a:f8:49:4f:
                    7f:fc:80:a4:09:29:02:2d:39:0b:80:8d:6a:b8:89:
                    54:1f:f4:72:24:a3:55:29:08:8f:8a:b2:bf:be:9c:
                    9f:b1:e0:ad:a8:6d:2e:1f:fb:8d:dd:cf:34:e8:73:
                    70:8f:49:8d:cd:1e:57:5e:0e:35:c2:13:42:08:60:
                    c2:cd:69:7b:ab:0f:01:8a:87:9b:25:ec:b4:56:b5:
                    d3:35:10:df:e3:d7:bb:d4:be:54:a7:47:56:a6:ff:
                    95:75:09:ac:16:e6:cf:5b:2c:ce:4f:4c:17:8a:34:
                    e8:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:F2:20:6A:8E:FD:6E:1D:9D:76:75:35:6A:1F:C4:72:D4:FF:AD:62
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/91f3c502-b2df-42d7-b72f-74c1ceaacdb9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  3.174.148.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ae:75:f1:f9:ad:d3:dc:f0:a0:4c:49:b5:ac:60:88:ff:a6:6f:
         ed:d2:36:01:a4:e0:f7:bc:60:82:00:37:0e:d4:42:f5:90:97:
         79:bb:a0:88:93:15:63:a1:77:7d:4e:fb:8d:63:ce:ab:07:47:
         46:a0:a1:4d:61:a0:51:60:dd:b1:85:45:99:8b:7f:cf:01:cd:
         8e:73:d1:0f:4f:11:3c:b8:bd:4d:1a:ce:b5:1a:55:33:f1:40:
         26:95:5d:f3:41:45:a6:9c:f3:57:f9:79:c4:61:19:d4:b7:d2:
         e1:86:29:e9:fe:e9:7d:a2:fa:78:17:92:b4:2f:25:52:86:30:
         45:85:7f:65:c2:5d:cd:1c:d0:d5:c2:24:a4:3e:42:2a:c4:fc:
         2d:db:b5:f8:f3:57:4f:ae:63:7e:1a:ef:7c:0f:7c:50:3f:a2:
         ba:6d:87:2f:97:69:62:b3:3b:61:b6:24:25:27:90:29:8a:78:
         e4:16:44:05:8b:51:f2:4b:ce:b5:1b:7f:c2:09:20:94:fd:aa:
         62:2b:a2:39:69:4c:f4:a8:3a:ab:60:78:f4:75:47:ce:0c:d5:
         93:f1:26:75:39:b5:d5:9c:b8:b6:39:42:ed:6b:82:c2:1b:d9:
         62:14:5c:1e:38:11:f6:17:94:05:8e:d5:63:4f:5b:a8:3b:e6:
         37:40:75:86
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUFJgGO0s3P0FkNsB/hefzPPxC8t0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwOTI2MDA1NjIxWhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AwNjU5M2UyYWIxYTg3MzZmNGUyNDlmY2M1NmM5YTkwN2Qy
MWU1OGRmMDg3YTE1YmYyMzNjM2QwMmExZmRmMjA4MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDWcYmu5gp1zCPxy3oB7rgHZPLQaFJOAa+d9qY3fRF4dbNI
0t2Tve0tebHZxo0t24e+PlI2fcjA/Qq6f3B6wx6IdciamcTjvXXnSFCY2GX4Ihac
vDKSU6IufcoGtKsrWmWVNc/81sOSyY7CRJ1DYF5Fo9j4xx88HoGRKHGveqS2Huoj
7TL+leg2LsrEScjE7aEyGvhJT3/8gKQJKQItOQuAjWq4iVQf9HIko1UpCI+Ksr++
nJ+x4K2obS4f+43dzzToc3CPSY3NHldeDjXCE0IIYMLNaXurDwGKh5sl7LRWtdM1
EN/j17vUvlSnR1am/5V1CawW5s9bLM5PTBeKNOgBAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUGPIgao79bh2ddnU1ah/EctT/rWIwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzkxZjNjNTAyLWIyZGYtNDJkNy1iNzJmLTc0YzFjZWFhY2RiOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIDrpQwDQYJKoZIhvcNAQELBQADggEBAK518fmt09zwoExJtaxgiP+mb+3S
NgGk4Pe8YIIANw7UQvWQl3m7oIiTFWOhd31O+41jzqsHR0agoU1hoFFg3bGFRZmL
f88BzY5z0Q9PETy4vU0azrUaVTPxQCaVXfNBRaac81f5ecRhGdS30uGGKen+6X2i
+ngXkrQvJVKGMEWFf2XCXc0c0NXCJKQ+QirE/C3btfjzV0+uY34a73wPfFA/orpt
hy+XaWKzO2G2JCUnkCmKeOQWRAWLUfJLzrUbf8IJIJT9qmIrojlpTPSoOqtgePR1
R84M1ZPxJnU5tdWcuLY5Qu1rgsIb2WIUXB44EfYXlAWO1WNPW6g75jdAdYY=
-----END CERTIFICATE-----